William Budington

William Budington

Senior Staff Technologist

Bill is a long time activist, programmer, and cryptography enthusiast. He works on EFF's Tech Projects team as a security engineer and technologist, and is the lead developer for HTTPS Everywhere and Panopticlick. He has also contributed to projects such as Let's Encrypt and SecureDrop. Bill can be found talking to crowds of people on soap boxes and stages in far off places, or doing digital security trainings for organizations. He loves hacker spaces and getting together with other techies to tinker, code, share, and build the technological commons. Er spricht auch gern Deutsch!

Deeplinks Posts by William

This year has been full of developments in messaging platforms that employ encryption to protect users. 2016 saw an increase in the level of security for some major messaging services, bringing end-to-end encryption to over a billion people. Unfortunately, we’ve also seen major platforms making poor decisions for users and...

After the election, individuals took to the streets across the country to express their outrage and disappointment at the result of the U.S. presidential election. Many protesters may not be aware of the unfortunate fact that exercising their First Amendment rights may open themselves up to certain risks. Those engaging...

UPDATE (1/26/17): In response to news about WhatsApp's key management choices, we have added additional information about related trade-offs under "Key change notifications." After careful consideration, we have decided to add additional warnings and caveats about using WhatsApp to our Surveillance Self Defense guide.
No technology is 100 percent...

In August, an entity calling itself the “Shadow Brokers” took the security world by surprise by publishing what appears to be a portion of the NSA’s hacking toolset. Government investigators now believe that the Shadow Brokers stole the cache of powerful NSA network exploitation tools from a computer located outside...

In a win for the open source community, router maker TP-Link will be required to allow consumers to install third-party firmware on their wireless routers, the Federal Communications Commission (FCC) announced Monday. The announcement comes on the heels of a settlement requiring TP-Link to pay a $200,000 fine for...

End-to-end encryption has just gone massively mainstream. In an update on March 31st, the Facebook-owned messaging platform WhatsApp quietly pushed an update adding end-to-end encryption enabled by default to its chat and call functionality. They announced the change publicly on Tuesday, allowing the app's over 1 billion monthly...

Chances are that you didn't go a few days without hearing the word "cyber" last year. It's for good reason. It was a year of data breaches and hacks, impacting the public and private sector alike. Congress used some of these incidents to fear-monger and pass fundamentally ...

If you’ve spent any time reading about encryption this year, you know we’re in the midst of a “debate.” You may have also noted that it’s a strange debate, one that largely replays the same arguments made nearly 20 years ago, when the government abandoned its attempts...

Today we're launching version 2.0 of our tracking and fingerprinting detection tool, Panopticlick. This version brings new tests to our existing tool, such as canvas and touch-capability fingerprinting, updating its ability to uniquely identify browsers with current techniques. In addition, we're adding a brand new suite of tests that...

In an unusually direct attack on online privacy and free speech, the ruling regime of Kazakhstan appears to have mandated the country's telecommunications operators to intercept citizens' Internet traffic using a government-issued certificate starting on January 1, 2016. The press release announcing the new measure was published last week...